11:29 AM ET Wed, 21 Feb 2018
Tesla’s cloud system was hijacked by hackers who used it to mine cryptocurrency, according to researchers.
Hackers were able to infiltrate the automaker’s Kubernetes administration console because it was not password protected, cybersecurity firm RedLock said Tuesday. Kubernetes is a Google-designed system aimed at optimizing cloud applications.
This left access credentials for Tesla’s Amazon Web Services (AWS) account exposed, and hackers deployed cryptocurrency mining software called Stratum to mine cryptocurrency using the cloud’s computing power.
Cryptocurrency mining is a process whereby so-called miners solve complex mathematical problems to validate a transaction and add it to the underlying network.
RedLock did not specify which cryptocurrency was mined in the cyber breach.
Other major firms, including British insurer Aviva and Dutch SIM-maker Gemalto, were affected by similar problems, RedLock said. But the incident affecting Tesla’s cloud system was more sophisticated, and used a number of different strategies to keep the hackers from being detected.
RedLock said that it notified Tesla of the cyber exposure and that it was swiftly rectified.
Tesla said that it did not see any initial impact on customer data protection or the safety and security of its vehicles.
“We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it,” a spokesperson for Tesla said in an emailed statement.
“The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”
RedLock CTO Gaurav Kumar said businesses should monitor suspicious cyber activities to avoid being compromised.
“The message from this research is loud and clear — the unmistakable potential of cloud environments is seriously compromised by sophisticated hackers identifying easy-to-exploit vulnerabilities,” Kumar said in a statement Tuesday.
“In our analysis, cloud service providers such as Amazon, Microsoft and Google are trying to do their part, and none of the major breaches in 2017 was caused by their negligence.”
He added: “However, security is a shared responsibility. Organizations of every stripe are fundamentally obliged to monitor their infrastructures for risky configurations, anomalous user activities, suspicious network traffic, and host vulnerabilities. Without that, anything the providers do will never be enough.”